Correlation
Correlation of logs and events to pinpoint significant threats
Cat avg: 8.4
Top Performing Features
Centralized event and log data collection
Effectiveness of real-time centralized event and log data collection
Cat avg: 8.5
Event and log normalization/management
Ability to normalize event syntax so that logs can be compared and are machine-understandable
Cat avg: 8.6
Host and network-based intrusion detection
Ability to detect both endpoint intrusion and network ingress detection
Cat avg: 8.1
Worst Performing Features
Deployment flexibility
Ability to tune system to maximize threat detection and minimize false positives
Cat avg: 7.4
Custom dashboards and workspaces
dashboards that can be customized to meet the needs of specific groups
Cat avg: 8.4
FortiSIEM Features from Reviews
Security Information and Event Management (SIEM)
Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools
5.3-34%
Centralized event and log data collection
Effectiveness of real-time centralized event and log data collection
Category average: 8.5
Correlation
Correlation of logs and events to pinpoint significant threats
Category average: 8.4
Event and log normalization/management
Ability to normalize event syntax so that logs can be compared and are machine-understandable
Category average: 8.6
Deployment flexibility
Ability to tune system to maximize threat detection and minimize false positives
Category average: 7.4
Custom dashboards and workspaces
dashboards that can be customized to meet the needs of specific groups
Category average: 8.4
Host and network-based intrusion detection
Ability to detect both endpoint intrusion and network ingress detection
Category average: 8.1